27.2.14 Lab Isolate Compromised Host Using 5 Tuple - PanamaP/KEST3CO05DU GitHub Wiki
What kind of transactions occurred between the client and the server in this attack?
Hann fékk root access, breytti siðan /shadow og /passwd
What did you observe? What do the text colors red and blue indicate?
rauði er client og blái er server
The attacker issues the whoami command on the target. What does this show about the attacker role on the target computer?
Að hann sé með root access
Let's filter for bro_ftp. Hover over the empty space next to the count of bro_ftp data types. Select + to filter for only FTP related traffic as shown in the figure.
Það koma engar niðurstöður þegar ég breyti með þessum filter..